927 go 122 upgrade check list

.docker/Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.22-alpine as builder
+FROM golang:1.23-alpine as builder
 
 ARG BUILD=now
 ARG REPO=github.com/nspcc-dev/neofs-s3-gw

.github/workflows/builds.yml

@@ -54,7 +54,7 @@ jobs:
         uses: actions/setup-go@v5
         with:
           cache: true
-          go-version: '1.22'
+          go-version: '1.23'
 
       - name: Get tree-service client
         run: make sync-tree

.github/workflows/s3-tests.yml

@@ -102,7 +102,7 @@ jobs:
         uses: actions/setup-go@v5
         with:
           cache: true
-          go-version: '1.22'
+          go-version: '1.23'
       - run: go version
 
       - name: Set up Python

.github/workflows/system-tests.yml

@@ -63,7 +63,7 @@ jobs:
         uses: actions/setup-go@v5
         with:
           cache: true
-          go-version: '1.22'
+          go-version: '1.23'
       - run: go version
 
       - name: Set up Python

.github/workflows/tests.yml

@@ -46,7 +46,7 @@ jobs:
         uses: actions/setup-go@v5
         with:
           cache: true
-          go-version: '1.22'
+          go-version: '1.23'
 
       - name: Get tree-service client
         run: make sync-tree
@@ -66,7 +66,7 @@ jobs:
     runs-on: ubuntu-22.04
     strategy:
       matrix:
-        go_versions: [ '1.21', '1.22' ]
+        go_versions: [ '1.22', '1.23' ]
       fail-fast: false
     steps:
       - uses: actions/checkout@v4

CHANGELOG.md

@@ -7,10 +7,16 @@ This document outlines major changes between releases.
 ### Added
 
 ### Changed
+- Go 1.22+ is required to build now (#927)
 
 ### Fixed
 
 ### Updated
+- github.com/minio/sio from v0.4.0 to v0.4.1 (#927)
+- github.com/nats-io/nats.go from v1.34.0 to v1.37.0 (#927)
+- github.com/nspcc-dev/tzhash from v1.8.1 to v1.8.2 (#927)
+- github.com/prometheus/client_golang from v1.20.0 to v1.20.2 (#927)
+- github.com/urfave/cli/v2 from v2.27.2 to v2.27.4 (#927)
 
 ## [0.31.0] - 2024-08-20
 

api/auth/center_test.go

@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"slices"
 	"strconv"
 	"strings"
 	"testing"
@@ -111,7 +112,7 @@ func TestSignature(t *testing.T) {
 // TestAwsEncodedChunkReader checks example from https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html
 func TestAwsEncodedChunkReader(t *testing.T) {
 	chunkOnePayload := make([]byte, 65536)
-	for i := 0; i < 65536; i++ {
+	for i := range 65536 {
 		chunkOnePayload[i] = 'a'
 	}
 
@@ -125,7 +126,7 @@ func TestAwsEncodedChunkReader(t *testing.T) {
 	require.NoError(t, err)
 
 	chunkTwoPayload := make([]byte, 1024)
-	for i := 0; i < 1024; i++ {
+	for i := range 1024 {
 		chunkTwoPayload[i] = 'a'
 	}
 
@@ -156,7 +157,7 @@ func TestAwsEncodedChunkReader(t *testing.T) {
 
 		require.NoError(t, err)
 
-		require.Equal(t, append(chunkOnePayload, chunkTwoPayload...), payload.Bytes())
+		require.Equal(t, slices.Concat(chunkOnePayload, chunkTwoPayload), payload.Bytes())
 	})
 
 	t.Run("err invalid chunk signature", func(t *testing.T) {
@@ -318,7 +319,7 @@ func TestAwsEncodedChunkReader(t *testing.T) {
 	t.Run("err chunk header too long", func(t *testing.T) {
 		streamSigner := v4.NewChunkSigner("us-east-1", "s3", seedSignature, ts, awsCreds)
 		chunkThreeBody := make([]byte, 4097)
-		for i := 0; i < len(chunkThreeBody); i++ {
+		for i := range chunkThreeBody {
 			chunkThreeBody[i] = 'a'
 		}
 
@@ -360,7 +361,7 @@ func TestAwsEncodedWithRequest(t *testing.T) {
 	chunkSize := 65536
 
 	payload := make([]byte, totalPayloadLength)
-	for i := 0; i < totalPayloadLength; i++ {
+	for i := range totalPayloadLength {
 		payload[i] = 'a'
 	}
 

api/cache/objectslist_test.go

@@ -29,7 +29,7 @@ func TestObjectsListCache(t *testing.T) {
 		cidKey, cidKey2 = cidtest.ID(), cidtest.ID()
 	)
 
-	for i := 0; i < listSize; i++ {
+	for range listSize {
 		versions = append(versions, &data.NodeVersion{BaseNodeVersion: data.BaseNodeVersion{OID: oidtest.ID()}})
 	}
 

api/handler/acl.go

@@ -792,7 +792,7 @@ func mergeAst(parent, child *ast) (*ast, bool) {
 		}
 
 		if newOps != nil {
-			parentResource.Operations = append(newOps, parentResource.Operations...)
+			parentResource.Operations = slices.Concat(newOps, parentResource.Operations)
 		}
 	}
 
@@ -841,7 +841,7 @@ func getAstOps(resource *astResource, childOp *astOperation) []*astOperation {
 func removeAstOp(resource *astResource, group bool, op eacl.Operation, action eacl.Action) {
 	for i, astOp := range resource.Operations {
 		if astOp.IsGroupGrantee() == group && astOp.Op == op && astOp.Action == action {
-			resource.Operations = append(resource.Operations[:i], resource.Operations[i+1:]...)
+			resource.Operations = slices.Delete(resource.Operations, i, i+1)
 			return
 		}
 	}
@@ -866,7 +866,7 @@ func removeUsers(resource *astResource, astOperation *astOperation, users []user
 				}
 			}
 			if len(filteredUsers) == 0 { // remove ast resource
-				resource.Operations = append(resource.Operations[:ind], resource.Operations[ind+1:]...)
+				resource.Operations = slices.Delete(resource.Operations, ind, ind+1)
 			} else {
 				astOp.Users = filteredUsers
 			}
@@ -1186,7 +1186,7 @@ func aclToAst(acl *AccessControlPolicy, resInfo *resourceInfo) (*ast, error) {
 
 	resource := &astResource{resourceInfo: *resInfo}
 
-	ops := append(readOps, writeOps...)
+	ops := slices.Concat(readOps, writeOps)
 
 	// Expect to have at least 1 full control grant for owner which is set in
 	// parseACLHeaders(). If there is no other grants, then user sets private

api/handler/encryption_test.go

@@ -8,6 +8,7 @@ import (
 	"io"
 	"net/http"
 	"net/url"
+	"slices"
 	"strconv"
 	"strings"
 	"testing"
@@ -52,7 +53,7 @@ func TestGetEncryptedRange(t *testing.T) {
 	createTestBucket(tc, bktName)
 
 	var sb strings.Builder
-	for i := 0; i < 1<<16+11; i++ {
+	for i := range 1<<16 + 11 {
 		switch i {
 		case 0:
 			sb.Write([]byte("b"))
@@ -120,7 +121,7 @@ func equalDataSlices(t *testing.T, expected, actual []byte) {
 		return
 	}
 
-	for i := 0; i < len(expected); i++ {
+	for i := range len(expected) {
 		if expected[i] != actual[i] {
 			require.Equalf(t, expected[i], actual[i], "differ start with '%d' position, length: %d", i, len(expected))
 		}
@@ -249,7 +250,7 @@ func TestMultipartEncrypted(t *testing.T) {
 
 	res, _ := getEncryptedObject(t, hc, bktName, objName)
 	require.Equal(t, len(part1)+len(part2), len(res))
-	require.Equal(t, append(part1, part2...), res)
+	require.Equal(t, slices.Concat(part1, part2), res)
 
 	part2Range := getEncryptedObjectRange(t, hc, bktName, objName, len(part1), len(part1)+len(part2)-1)
 	require.Equal(t, part2[0:], part2Range)

api/handler/object_list_test.go

@@ -154,12 +154,12 @@ func validateListV2(t *testing.T, tc *handlerContext, bktName, prefix, delimiter
 	require.Equal(t, last, len(response.NextContinuationToken) == 0)
 
 	require.Len(t, response.Contents, len(checkObjects))
-	for i := 0; i < len(checkObjects); i++ {
+	for i := range checkObjects {
 		require.Equal(t, checkObjects[i], response.Contents[i].Key)
 	}
 
 	require.Len(t, response.CommonPrefixes, len(checkPrefixes))
-	for i := 0; i < len(checkPrefixes); i++ {
+	for i := range checkPrefixes {
 		require.Equal(t, checkPrefixes[i], response.CommonPrefixes[i].Prefix)
 	}
 

api/handler/s3encoder.go

@@ -32,7 +32,7 @@ func shouldEscape(c byte) bool {
 // while considering some S3 exceptions.
 func s3URLEncode(s string, mode encoding) string {
 	spaceCount, hexCount := 0, 0
-	for i := 0; i < len(s); i++ {
+	for i := range s {
 		c := s[i]
 		if shouldEscape(c) {
 			if c == ' ' && mode == encodeQueryComponent {
@@ -59,7 +59,7 @@ func s3URLEncode(s string, mode encoding) string {
 
 	if hexCount == 0 {
 		copy(t, s)
-		for i := 0; i < len(s); i++ {
+		for i := range s {
 			if s[i] == ' ' {
 				t[i] = '+'
 			}
@@ -68,7 +68,7 @@ func s3URLEncode(s string, mode encoding) string {
 	}
 
 	j := 0
-	for i := 0; i < len(s); i++ {
+	for i := range s {
 		switch c := s[i]; {
 		case c == ' ' && mode == encodeQueryComponent:
 			t[j] = '+'

api/handler/tagging_test.go

@@ -9,11 +9,11 @@ import (
 
 func TestTagsValidity(t *testing.T) {
 	sbKey := strings.Builder{}
-	for i := 0; i < keyTagMaxLength; i++ {
+	for range keyTagMaxLength {
 		sbKey.WriteByte('a')
 	}
 	sbValue := strings.Builder{}
-	for i := 0; i < valueTagMaxLength; i++ {
+	for range valueTagMaxLength {
 		sbValue.WriteByte('a')
 	}
 

api/layer/tree_mock.go

@@ -251,7 +251,7 @@ func (t *TreeServiceMock) RemoveVersion(_ context.Context, bktInfo *data.BucketI
 	for key, versions := range cnrVersionsMap {
 		for i, node := range versions {
 			if node.ID == nodeID {
-				cnrVersionsMap[key] = append(versions[:i], versions[i+1:]...)
+				cnrVersionsMap[key] = slices.Delete(versions, i, i+1)
 				return nil
 			}
 		}
@@ -468,7 +468,7 @@ LOOP:
 		for i, multipart := range multiparts {
 			if multipart.ID == multipartNodeID {
 				uploadID = multipart.UploadID
-				cnrMultipartsMap[key] = append(multiparts[:i], multiparts[i+1:]...)
+				cnrMultipartsMap[key] = slices.Delete(multiparts, i, i+1)
 				break LOOP
 			}
 		}

api/reqinfo.go

@@ -6,6 +6,7 @@ import (
 	"net/http"
 	"net/url"
 	"regexp"
+	"slices"
 	"strings"
 	"sync"
 
@@ -182,7 +183,7 @@ func (r *ReqInfo) GetTags() []KeyVal {
 	}
 	r.RLock()
 	defer r.RUnlock()
-	return append([]KeyVal(nil), r.tags...)
+	return slices.Clone(r.tags)
 }
 
 // SetReqInfo sets ReqInfo in the context.

api/s3errors/errors_test.go

@@ -8,7 +8,7 @@ import (
 func BenchmarkErrCode(b *testing.B) {
 	err := GetAPIError(ErrNoSuchKey)
 
-	for i := 0; i < b.N; i++ {
+	for range b.N {
 		if IsS3Error(err, ErrNoSuchKey) {
 			_ = err
 		}
@@ -18,7 +18,7 @@ func BenchmarkErrCode(b *testing.B) {
 func BenchmarkErrorsIs(b *testing.B) {
 	err := GetAPIError(ErrNoSuchKey)
 
-	for i := 0; i < b.N; i++ {
+	for range b.N {
 		if errors.Is(err, GetAPIError(ErrNoSuchKey)) {
 			_ = err
 		}

creds/accessbox/accessbox.go

@@ -10,6 +10,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"slices"
 
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neofs-sdk-go/bearer"
@@ -290,7 +291,7 @@ func encrypt(owner *keys.PrivateKey, sender *keys.PublicKey, data []byte) ([]byt
 		return nil, fmt.Errorf("generate random nonce: %w", err)
 	}
 
-	return append(hkdfSalt, enc.Seal(nonce, nonce, data, nil)...), nil
+	return slices.Concat(hkdfSalt, enc.Seal(nonce, nonce, data, nil)), nil
 }
 
 func decrypt(owner *keys.PrivateKey, sender *keys.PublicKey, data []byte) ([]byte, error) {

creds/accessbox/bearer_token_test.go

@@ -127,7 +127,7 @@ func TestAccessboxMultipleKeys(t *testing.T) {
 	gates := make([]*GateData, 0, count)
 	privateKeys := make([]*keys.PrivateKey, 0, count)
 	{ // generate keys
-		for i := 0; i < count; i++ {
+		for range count {
 			cred, err := keys.NewPrivateKey()
 			require.NoError(t, err)